Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-0099HistoryMay 31, 2014 - 11:17 a.m.
CVE-2014-0099
2014-05-3111:17:00
Debian Security Bug Tracker
security-tracker.debian.org
26
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | tomcat7 | < 7.0.75-1 | tomcat7_7.0.75-1_all.deb |
| Debian | 9 | all | tomcat8 | < 8.5.54-0+deb9u1 | tomcat8_8.5.54-0+deb9u1_all.deb |
Related
nessus
nessus
F5 Networks BIG-IP : Apache Tomcat vulnerability (SOL15432)
2014-10-10 00:00:00
Oracle Linux 7 : tomcat (ELSA-2014-0827)
2014-07-24 00:00:00
Apache Tomcat 7.0.x < 7.0.53 Multiple Vulnerabilities
2015-03-02 00:00:00
ubuntucve
ubuntucve
CVE-2014-0099
2014-05-31 00:00:00
cve
cve
CVE-2014-0099
2014-05-31 11:17:00
osv
osv
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
2022-05-14 01:10:18
tomcat7 - security update
2016-01-17 00:00:00
prion
prion
Integer overflow
2014-05-31 11:17:00
f5
f5
SOL15432 - Apache Tomcat vulnerability CVE-2014-0099
2014-07-17 00:00:00
K15432 : Apache Tomcat vulnerability CVE-2014-0099
2015-08-31 00:00:00
github
github
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
2022-05-14 01:10:18
ibm
ibm
redhat
redhat
kaspersky
kaspersky
KLA10072 Multiple vulnerabilities in Apache Tomcat
2014-03-30 00:00:00
threatpost
threatpost
Apache Patches Bugs in Tomcat
2014-05-30 12:31:25
ubuntu
ubuntu
Tomcat vulnerabilities
2014-07-30 00:00:00
freebsd
freebsd
tomcat -- multiple vulnerabilities
2014-05-23 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2302-1)
2014-08-05 00:00:00
RedHat Update for tomcat RHSA-2014:0827-01
2014-07-07 00:00:00
Apache Tomcat Multiple Vulnerabilities (Nov 2014)
2014-11-28 00:00:00
oraclelinux
oraclelinux
tomcat security update
2014-07-23 00:00:00
tomcat security update
2014-08-07 00:00:00
tomcat6 security and bug fix update
2014-07-09 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.53
2014-03-30 00:00:00
Fixed in Apache Tomcat 8.0.5
2014-03-27 00:00:00
Fixed in Apache Tomcat 6.0.41
2014-05-23 00:00:00
mageia
mageia
Updated tomcat and tomcat6 packages fix security vulnerabilities
2014-06-20 00:30:12
amazon
amazon
Medium: tomcat8
2015-05-14 14:40:00
Medium: tomcat7
2015-05-14 14:38:00
fedora
fedora
[SECURITY] Fedora 21 Update: tomcat-7.0.59-1.fc21
2015-02-23 08:03:06
securityvulns
securityvulns
Apache Tomcat multiple security vulnerabilities
2014-05-29 00:00:00
centos
centos
tomcat6 security update
2014-07-09 16:09:49
debian
debian
[SECURITY] [DSA 3447-1] tomcat7 security update
2016-01-17 15:47:11
[SECURITY] [DSA 3447-1] tomcat7 security update
2016-01-17 15:47:11
[SECURITY] [DSA 3530-1] tomcat6 security update
2016-03-25 18:47:56
symantec
symantec
SA100 : Apache Tomcat Vulnerabilities
2015-07-23 08:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2014-12-15 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2014
2014-07-15 00:00:00
Oracle Critical Patch Update - October 2016
2016-10-18 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for DEBIANCVE:CVE-2014-0099